FORUMS
Remove All Ads from XDA

keweonDNS - now with improved Certificate (iOS, Mac & Android)

1,705 posts
Thanks Meter: 4,296
 
Post Reply Email Thread
22nd April 2018, 06:22 PM |#511  
MrT69's Avatar
OP Senior Member
Flag Königsbrunn
Thanks Meter: 4,296
 
Donate to Me
More
Quote:
Originally Posted by levone1

@MrT69 - quick issue, (I know you're busy with much...), not a big problem, just reporting - When I have Keweon certificate installed, repository apps won't get a connection. I'm on Sailfish OS, so mainly I get it with apps that connect to openrepos.net, (Warehouse app, Storeman app...). However, I also had the same problem on Android, with Xposed repository. Easy workaround is to use certificate mgr to uninstall certificate, connect to repos to check updates, etc, then reinstall certificate.

Is it just an issue of whitelisting, or something else?

Thanks

I don't understand why it's working without the certificate but not with the certificate.
That's strange.
The certificate is responsible to terminate all the HTTPS errors because of blocking HTTPS domains. You will get a 200 answewhich shows everything is fine.

Interesting thing and currently no idea why. The only thing I can offer is to connect to my private server an log everything to see what's going wrong.
23rd April 2018, 01:38 AM |#512  
D-dy's Avatar
Senior Member
Flag Kutaraja
Thanks Meter: 127
 
More
Quote:
Originally Posted by AdroitAdorKhan

If you are not sure what you are doing, in any case if it goes wrong, you can use magisk module from Midnight's!

Thx. But, on older android magisk not supported. So directly i edited build.prop , but again I dont know what to set on secondary dns...
23rd April 2018, 05:01 AM |#513  
MrT69's Avatar
OP Senior Member
Flag Königsbrunn
Thanks Meter: 4,296
 
Donate to Me
More
Quote:
Originally Posted by D-dy

Thx. But, on older android magisk not supported. So directly i edited build.prop , but again I dont know what to set on secondary dns...

I'm out on Android ROM Dev from Version 5. The last Edition which supports the DNS within the build.prop was Android 4. Higher versions will not longer support DNS within the build.prop because Google has removed this.

At this point I really have no clue.

If you want to use a secondary server just use a different country. You need to check the speed but actually I can't offer a secondary for each country. The provider has to often reboot or maintenance for each country. The other thing is the price. At the moment it's OK but than the price would double from 700 to 1400 EUR per month and this would become to expensive for me.
The Following 2 Users Say Thank You to MrT69 For This Useful Post: [ View ] Gift MrT69 Ad-Free
23rd April 2018, 09:37 AM |#514  
AdroitAdorKhan's Avatar
Senior Member
Flag Madaripur
Thanks Meter: 927
 
Donate to Me
More
Quote:
Originally Posted by D-dy

Thx. But, on older android magisk not supported. So directly i edited build.prop , but again I dont know what to set on secondary dns...

Then I would suggest you to use Override DNS app to use KeWeOn!
23rd April 2018, 12:10 PM |#515  
MrT69's Avatar
OP Senior Member
Flag Königsbrunn
Thanks Meter: 4,296
 
Donate to Me
More
Quote:
Originally Posted by AdroitAdorKhan

Then I would suggest you to use Override DNS app to use KeWeOn!

For Android I recommend this:
https://play.google.com/store/apps/d...erd.dnschanger

From my point of view the best DNS App and Open Source. It is a Fake VPN App and there is no real VPN connection to any server.

If an App is not proper working than create an exception until I have solved it. I'm using this tool since round about 2 years on my mobile device. Thanks to Daniel again for this work.
The Following User Says Thank You to MrT69 For This Useful Post: [ View ] Gift MrT69 Ad-Free
23rd April 2018, 02:22 PM |#516  
AdroitAdorKhan's Avatar
Senior Member
Flag Madaripur
Thanks Meter: 927
 
Donate to Me
More
Quote:
Originally Posted by MrT69

For Android I recommend this:
https://play.google.com/store/apps/d...erd.dnschanger

From my point of view the best DNS App and Open Source. It is a Fake VPN App and there is no real VPN connection to any server.

If an App is not proper working than create an exception until I have solved it. I'm using this tool since round about 2 years on my mobile device. Thanks to Daniel again for this work.

Yea, I have used this one too. But I don't like VPN thing to keep always turned on! And, as my device is rooted, I used that one. But now I'm using KeWeOn on my router, so I don't need this atm!

And, I would like to know a bit more about CloudFlare, are they gonna support you with your work?

Anyway, thanks a lot for your great job with this project!
The Following User Says Thank You to AdroitAdorKhan For This Useful Post: [ View ] Gift AdroitAdorKhan Ad-Free
23rd April 2018, 02:56 PM |#517  
MrT69's Avatar
OP Senior Member
Flag Königsbrunn
Thanks Meter: 4,296
 
Donate to Me
More
Cloudfare Status


I was asking the CEO of Cloudflare to support me. He delegated the keweon project to his Project Manager.
On Friday last week they decided not to support me without any real reason. This was the answer from them:

Quote:

Hi Torsten,

I have shared the opportunity with our Product and Engineering teams, but unfortunately have not found the right traction to continue the conversation.

Thank you very much for your interest and all the best.

Kindly regards,

...

After this mail I have send an answer with a question and this is still not answerd. I don't care about this and giving up is actually not an option because there is still a chance.

Of cause I'm frustrated but I still belive there is a way.

23rd April 2018, 03:30 PM |#518  
J4jks's Avatar
Senior Member
Flag Hyderabad
Thanks Meter: 248
 
More
Quote:
Originally Posted by MrT69

Cloudfare Status


I was asking the CEO of Cloudflare to support me. He delegated the keweon project to his Project Manager.
On Friday last week they decided not to support me without any real reason. This was the answer from them:



After this mail I have send an answer with a question and this is still not answerd. I don't care about this and giving up is actually not an option because there is still a chance.

Of cause I'm frustrated but I still belive there is a way.

To support keweon they want something in return

Let's Hope for the best
The Following User Says Thank You to J4jks For This Useful Post: [ View ] Gift J4jks Ad-Free
23rd April 2018, 03:39 PM |#519  
Timmmmaaahh's Avatar
Forum Moderator
Flag Bruges
Thanks Meter: 5,613
 
Donate to Me
More
Quote:
Originally Posted by MrT69

...they decided not to support me without any real reason...

It's pretty obvious that they dropped any interest. Shame they don't see keweon's potential. Thank you for your open communication about this.
The Following 2 Users Say Thank You to Timmmmaaahh For This Useful Post: [ View ] Gift Timmmmaaahh Ad-Free
23rd April 2018, 03:58 PM |#520  
MrT69's Avatar
OP Senior Member
Flag Königsbrunn
Thanks Meter: 4,296
 
Donate to Me
More
Quote:
Originally Posted by J4jks

To support keweon they want something in return

Let's Hope for the best

I have take a deeper look into there "Privacy DNS Server Infrastructure".
There are round about 80 Servers. This servers are almost redundant and global shared.
I know this by 100% sure this will cost round about 1.3 Million Euro per year.
Now calculate the global load balancer. This will cost round about 2.5 to 3 Million per year.

In addition they would need some certificates for the TLS DNS Infrastructure.
The traffic differences compared to TLS vs. NON-TLS is incredible high. Because of TLS they need damn heavy Hardware because this is a RAM intensive thing. Every 1.5 sec the non used TLS Session will be dropped.
The entire Infrastructure needs to be supported by 24/7. For this you need a minimum team of 8 to 10 people which will also cost some money.

Security for DNS is also incredible expensive. As I have had my Test Servers within the Equinix Data Center in Munich it was a need to protect them with 2 Cisco ASA and a deep packet inspection to prevent Attacks against my serves. 2 to 8 MS around the globe was the final result.

Once a year they will get external support and consultants. They are responsible to cross check the entire infrastructure that everything is working without logging.

If you think about all of this and if you now think about the fact that they offer this for free than think about your comment again. 😉

I still believe that they are doing what they told us. I believe in the good.
What's about you?
The Following 2 Users Say Thank You to MrT69 For This Useful Post: [ View ] Gift MrT69 Ad-Free
23rd April 2018, 04:24 PM |#521  
J4jks's Avatar
Senior Member
Flag Hyderabad
Thanks Meter: 248
 
More
Quote:
Originally Posted by MrT69

I have take a deeper look into there "Privacy DNS Server Infrastructure".
There are round about 80 Servers. This servers are almost redundant and global shared.
I know this by 100% sure this will cost round about 1.3 Million Euro per year.
Now calculate the global load balancer. This will cost round about 2.5 to 3 Million per year.

In addition they would need some certificates for the TLS DNS Infrastructure.
The traffic differences compared to TLS vs. NON-TLS is incredible high. Because of TLS they need damn heavy Hardware because this is a RAM intensive thing. Every 1.5 sec the TLS Session will be dropped.
The entire Infrastructure needs to be supported by 24/7. For this you need a minimum team of 8 to 10 people which will also cost some money.

Once a year they will get external support and consultants. They are responsible to cross check the entire infrastructure that everything is working without logging.

If you think about all of this and if you now think about the fact that they offer this for free than think about your comment again. 😉

I still believe then that they are doing what they told us. I believe in the good.
What's about you?

I don't know much techy details how things work in detail but pretty sure ,it costs

I was just kidding, not serious about "they want something in return"

I'm very thankful for keweon(YOU) to protect my(our) privacy.
The Following User Says Thank You to J4jks For This Useful Post: [ View ] Gift J4jks Ad-Free
Post Reply Subscribe to Thread

Tags
adblocker, dns

Guest Quick Reply (no urls or BBcode)
Message:
Previous Thread Next Thread
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes